Add migration to change environment_roles role column from string to
enum type. Fix tests and functions affected by the column type change.
This commit is contained in:
parent
bffd981105
commit
17864cc060
@ -0,0 +1,58 @@
|
||||
"""update environment_roles enum list
|
||||
|
||||
Revision ID: 828d8c188dce
|
||||
Revises: 5d7198d34b91
|
||||
Create Date: 2020-01-08 16:08:03.879881
|
||||
|
||||
"""
|
||||
from alembic import op
|
||||
import sqlalchemy as sa
|
||||
|
||||
# revision identifiers, used by Alembic.
|
||||
revision = '828d8c188dce' # pragma: allowlist secret
|
||||
down_revision = '5d7198d34b91' # pragma: allowlist secret
|
||||
branch_labels = None
|
||||
depends_on = None
|
||||
|
||||
|
||||
def upgrade():
|
||||
# ### commands auto generated by Alembic - please adjust! ###
|
||||
conn = op.get_bind()
|
||||
conn.execute(
|
||||
"""
|
||||
UPDATE environment_roles
|
||||
SET role = NULL
|
||||
"""
|
||||
)
|
||||
|
||||
op.alter_column(
|
||||
"environment_roles",
|
||||
"role",
|
||||
type_=sa.Enum(
|
||||
"ADMIN",
|
||||
"BILLING_READ",
|
||||
"CONTRIBUTOR",
|
||||
name="role",
|
||||
native_enum=False,
|
||||
),
|
||||
existing_type=sa.VARCHAR(),
|
||||
nullable=True,
|
||||
)
|
||||
# ### end Alembic commands ###
|
||||
|
||||
|
||||
def downgrade():
|
||||
# ### commands auto generated by Alembic - please adjust! ###
|
||||
op.alter_column(
|
||||
"environment_roles",
|
||||
"status",
|
||||
type_=sa.VARCHAR(),
|
||||
existing_type=sa.Enum(
|
||||
"ADMIN",
|
||||
"BILLING_READ",
|
||||
"CONTRIBUTOR",
|
||||
name="status",
|
||||
native_enum=False,
|
||||
),
|
||||
)
|
||||
# ### end Alembic commands ###
|
@ -14,7 +14,7 @@ SERVICE_BRANCHES = [
|
||||
]
|
||||
|
||||
ENV_ROLE_NO_ACCESS = "No Access"
|
||||
ENV_ROLES = [(role.value, role.value) for role in CSPRole] + [
|
||||
ENV_ROLES = [(role.name, role.value) for role in CSPRole] + [
|
||||
(ENV_ROLE_NO_ACCESS, ENV_ROLE_NO_ACCESS)
|
||||
]
|
||||
|
||||
|
@ -9,10 +9,9 @@ import atst.models.types as types
|
||||
|
||||
|
||||
class CSPRole(Enum):
|
||||
BASIC_ACCESS = "Basic Access"
|
||||
NETWORK_ADMIN = "Network Admin"
|
||||
BUSINESS_READ = "Business Read-only"
|
||||
TECHNICAL_READ = "Technical Read-only"
|
||||
ADMIN = "Admin"
|
||||
BILLING_READ = "Billing Read-only"
|
||||
CONTRIBUTOR = "Contributor"
|
||||
|
||||
|
||||
class EnvironmentRole(
|
||||
@ -26,7 +25,7 @@ class EnvironmentRole(
|
||||
)
|
||||
environment = relationship("Environment")
|
||||
|
||||
role = Column(String())
|
||||
role = Column(SQLAEnum(CSPRole, native_enum=False), nullable=True)
|
||||
|
||||
application_role_id = Column(
|
||||
UUID(as_uuid=True), ForeignKey("application_roles.id"), nullable=False
|
||||
|
@ -99,7 +99,7 @@ def filter_env_roles_form_data(member, environments):
|
||||
|
||||
if len(env_roles_set) == 1:
|
||||
(env_role,) = env_roles_set
|
||||
env_data["role"] = env_role.role
|
||||
env_data["role"] = env_role.role.name
|
||||
env_data["disabled"] = env_role.disabled
|
||||
|
||||
env_roles_form_data.append(env_data)
|
||||
|
@ -126,7 +126,7 @@
|
||||
{{ env.environment_name }}
|
||||
</span>
|
||||
<span class="env-role__role">
|
||||
: {{ env.role }}
|
||||
: {{ env.role.value }}
|
||||
</span>
|
||||
</div>
|
||||
{% endfor %}
|
||||
|
@ -147,7 +147,7 @@ def test_invite():
|
||||
user_data=user_data,
|
||||
permission_sets_names=permission_sets_names,
|
||||
environment_roles_data=[
|
||||
{"environment_id": env1.id, "role": CSPRole.BASIC_ACCESS.value},
|
||||
{"environment_id": env1.id, "role": CSPRole.ADMIN},
|
||||
{"environment_id": env2.id, "role": None},
|
||||
],
|
||||
)
|
||||
@ -173,8 +173,8 @@ def test_invite_to_nonexistent_environment():
|
||||
inviter=application.portfolio.owner,
|
||||
user_data=user_data,
|
||||
environment_roles_data=[
|
||||
{"environment_id": env1.id, "role": CSPRole.BASIC_ACCESS.value},
|
||||
{"environment_id": uuid4(), "role": CSPRole.BASIC_ACCESS.value},
|
||||
{"environment_id": env1.id, "role": CSPRole.ADMIN},
|
||||
{"environment_id": uuid4(), "role": CSPRole.ADMIN},
|
||||
],
|
||||
)
|
||||
|
||||
|
@ -26,8 +26,8 @@ def test_create_environments():
|
||||
|
||||
|
||||
def test_update_env_role():
|
||||
env_role = EnvironmentRoleFactory.create(role=CSPRole.BASIC_ACCESS.value)
|
||||
new_role = CSPRole.TECHNICAL_READ.value
|
||||
env_role = EnvironmentRoleFactory.create(role=CSPRole.ADMIN)
|
||||
new_role = CSPRole.BILLING_READ
|
||||
Environments.update_env_role(
|
||||
env_role.environment, env_role.application_role, new_role
|
||||
)
|
||||
@ -35,7 +35,7 @@ def test_update_env_role():
|
||||
|
||||
|
||||
def test_update_env_role_no_access():
|
||||
env_role = EnvironmentRoleFactory.create(role=CSPRole.BASIC_ACCESS.value)
|
||||
env_role = EnvironmentRoleFactory.create(role=CSPRole.ADMIN)
|
||||
Environments.update_env_role(env_role.environment, env_role.application_role, None)
|
||||
|
||||
assert not EnvironmentRoles.get(
|
||||
@ -46,15 +46,13 @@ def test_update_env_role_no_access():
|
||||
|
||||
|
||||
def test_update_env_role_disabled_role():
|
||||
env_role = EnvironmentRoleFactory.create(role=CSPRole.BASIC_ACCESS.value)
|
||||
env_role = EnvironmentRoleFactory.create(role=CSPRole.ADMIN)
|
||||
Environments.update_env_role(env_role.environment, env_role.application_role, None)
|
||||
|
||||
# An exception should be raised when a new role is passed to Environments.update_env_role
|
||||
with pytest.raises(DisabledError):
|
||||
Environments.update_env_role(
|
||||
env_role.environment,
|
||||
env_role.application_role,
|
||||
CSPRole.TECHNICAL_READ.value,
|
||||
env_role.environment, env_role.application_role, CSPRole.BILLING_READ,
|
||||
)
|
||||
|
||||
assert env_role.role is None
|
||||
|
@ -255,7 +255,7 @@ class EnvironmentRoleFactory(Base):
|
||||
model = EnvironmentRole
|
||||
|
||||
environment = factory.SubFactory(EnvironmentFactory)
|
||||
role = random.choice([e.value for e in CSPRole])
|
||||
role = random.choice([e for e in CSPRole])
|
||||
application_role = factory.SubFactory(ApplicationRoleFactory)
|
||||
|
||||
|
||||
|
@ -28,7 +28,7 @@ def test_add_user_to_environment():
|
||||
EnvironmentRoleFactory.create(
|
||||
application_role=application_role,
|
||||
environment=dev_environment,
|
||||
role=CSPRole.BASIC_ACCESS.value,
|
||||
role=CSPRole.ADMIN,
|
||||
)
|
||||
assert developer in dev_environment.users
|
||||
|
||||
@ -75,9 +75,9 @@ def test_environment_provisioning_status(env_data, expected_status):
|
||||
|
||||
def test_environment_roles_do_not_include_deleted():
|
||||
member_list = [
|
||||
{"role_name": CSPRole.BASIC_ACCESS.value},
|
||||
{"role_name": CSPRole.BASIC_ACCESS.value},
|
||||
{"role_name": CSPRole.BASIC_ACCESS.value},
|
||||
{"role_name": CSPRole.ADMIN},
|
||||
{"role_name": CSPRole.ADMIN},
|
||||
{"role_name": CSPRole.ADMIN},
|
||||
]
|
||||
env = EnvironmentFactory.create(members=member_list)
|
||||
role_1 = env.roles[0]
|
||||
|
@ -9,9 +9,7 @@ def test_environment_access_with_env_role(client, user_session):
|
||||
app_role = ApplicationRoleFactory.create(
|
||||
user=user, application=environment.application
|
||||
)
|
||||
EnvironmentRoleFactory.create(
|
||||
application_role=app_role, environment=environment, role="developer"
|
||||
)
|
||||
EnvironmentRoleFactory.create(application_role=app_role, environment=environment)
|
||||
user_session(user)
|
||||
response = client.get(
|
||||
url_for("applications.access_environment", environment_id=environment.id)
|
||||
|
@ -153,7 +153,7 @@ def test_post_new_member(monkeypatch, client, user_session, session):
|
||||
"user_data-dod_id": user.dod_id,
|
||||
"user_data-email": user.email,
|
||||
"environment_roles-0-environment_id": env.id,
|
||||
"environment_roles-0-role": "Basic Access",
|
||||
"environment_roles-0-role": "ADMIN",
|
||||
"environment_roles-0-environment_name": env.name,
|
||||
"environment_roles-1-environment_id": env_1.id,
|
||||
"environment_roles-1-role": NO_ACCESS,
|
||||
@ -201,7 +201,7 @@ def test_post_update_member(client, user_session):
|
||||
),
|
||||
data={
|
||||
"environment_roles-0-environment_id": env.id,
|
||||
"environment_roles-0-role": "Basic Access",
|
||||
"environment_roles-0-role": "ADMIN",
|
||||
"environment_roles-0-environment_name": env.name,
|
||||
"environment_roles-1-environment_id": env_1.id,
|
||||
"environment_roles-1-role": NO_ACCESS,
|
||||
|
@ -129,11 +129,11 @@ def test_edit_application_environments_obj(app, client, user_session):
|
||||
env = application.environments[0]
|
||||
app_role1 = ApplicationRoleFactory.create(application=application)
|
||||
env_role1 = EnvironmentRoleFactory.create(
|
||||
application_role=app_role1, environment=env, role=CSPRole.BASIC_ACCESS.value
|
||||
application_role=app_role1, environment=env, role=CSPRole.ADMIN
|
||||
)
|
||||
app_role2 = ApplicationRoleFactory.create(application=application, user=None)
|
||||
env_role2 = EnvironmentRoleFactory.create(
|
||||
application_role=app_role2, environment=env, role=CSPRole.NETWORK_ADMIN.value
|
||||
application_role=app_role2, environment=env, role=CSPRole.CONTRIBUTOR
|
||||
)
|
||||
|
||||
user_session(portfolio.owner)
|
||||
@ -180,7 +180,7 @@ def test_get_members_data(app, client, user_session):
|
||||
environments=[
|
||||
{
|
||||
"name": "testing",
|
||||
"members": [{"user": user, "role_name": CSPRole.BASIC_ACCESS.value}],
|
||||
"members": [{"user": user, "role_name": CSPRole.ADMIN}],
|
||||
}
|
||||
],
|
||||
)
|
||||
@ -402,7 +402,7 @@ def test_create_member(monkeypatch, client, user_session, session):
|
||||
"user_data-dod_id": user.dod_id,
|
||||
"user_data-email": user.email,
|
||||
"environment_roles-0-environment_id": env.id,
|
||||
"environment_roles-0-role": "Basic Access",
|
||||
"environment_roles-0-role": "ADMIN",
|
||||
"environment_roles-0-environment_name": env.name,
|
||||
"environment_roles-1-environment_id": env_1.id,
|
||||
"environment_roles-1-role": NO_ACCESS,
|
||||
@ -511,10 +511,10 @@ def test_update_member(client, user_session, session):
|
||||
env_2 = EnvironmentFactory.create(application=application)
|
||||
# add user to two of the environments: env and env_1
|
||||
updated_role = EnvironmentRoleFactory.create(
|
||||
environment=env, application_role=app_role, role=CSPRole.BASIC_ACCESS.value
|
||||
environment=env, application_role=app_role, role=CSPRole.ADMIN
|
||||
)
|
||||
suspended_role = EnvironmentRoleFactory.create(
|
||||
environment=env_1, application_role=app_role, role=CSPRole.BASIC_ACCESS.value
|
||||
environment=env_1, application_role=app_role, role=CSPRole.ADMIN
|
||||
)
|
||||
|
||||
user_session(application.portfolio.owner)
|
||||
@ -528,13 +528,13 @@ def test_update_member(client, user_session, session):
|
||||
),
|
||||
data={
|
||||
"environment_roles-0-environment_id": env.id,
|
||||
"environment_roles-0-role": CSPRole.TECHNICAL_READ.value,
|
||||
"environment_roles-0-role": "CONTRIBUTOR",
|
||||
"environment_roles-0-environment_name": env.name,
|
||||
"environment_roles-1-environment_id": env_1.id,
|
||||
"environment_roles-1-environment_name": env_1.name,
|
||||
"environment_roles-1-disabled": "True",
|
||||
"environment_roles-2-environment_id": env_2.id,
|
||||
"environment_roles-2-role": CSPRole.NETWORK_ADMIN.value,
|
||||
"environment_roles-2-role": "BILLING_READ",
|
||||
"environment_roles-2-environment_name": env_2.name,
|
||||
"perms_env_mgmt": True,
|
||||
"perms_team_mgmt": True,
|
||||
@ -565,7 +565,7 @@ def test_update_member(client, user_session, session):
|
||||
environment_roles = application.roles[0].environment_roles
|
||||
# check that the user has roles in the correct envs
|
||||
assert len(environment_roles) == 3
|
||||
assert updated_role.role == CSPRole.TECHNICAL_READ.value
|
||||
assert updated_role.role == CSPRole.CONTRIBUTOR
|
||||
assert suspended_role.disabled
|
||||
|
||||
|
||||
@ -695,7 +695,7 @@ def test_handle_create_member(monkeypatch, set_g, session):
|
||||
"user_data-dod_id": user.dod_id,
|
||||
"user_data-email": user.email,
|
||||
"environment_roles-0-environment_id": env.id,
|
||||
"environment_roles-0-role": "Basic Access",
|
||||
"environment_roles-0-role": "ADMIN",
|
||||
"environment_roles-0-environment_name": env.name,
|
||||
"environment_roles-1-environment_id": env_1.id,
|
||||
"environment_roles-1-role": NO_ACCESS,
|
||||
@ -718,7 +718,7 @@ def test_handle_create_member(monkeypatch, set_g, session):
|
||||
assert job_mock.called
|
||||
|
||||
|
||||
def test_handle_update_member(set_g):
|
||||
def test_handle_update_member_success(set_g):
|
||||
user = UserFactory.create()
|
||||
application = ApplicationFactory.create(
|
||||
environments=[{"name": "Naboo"}, {"name": "Endor"}]
|
||||
@ -732,7 +732,7 @@ def test_handle_update_member(set_g):
|
||||
form_data = ImmutableMultiDict(
|
||||
{
|
||||
"environment_roles-0-environment_id": env.id,
|
||||
"environment_roles-0-role": "Basic Access",
|
||||
"environment_roles-0-role": "ADMIN",
|
||||
"environment_roles-0-environment_name": env.name,
|
||||
"environment_roles-1-environment_id": env_1.id,
|
||||
"environment_roles-1-role": NO_ACCESS,
|
||||
@ -772,7 +772,7 @@ def test_handle_update_member_with_error(set_g, monkeypatch, mock_logger):
|
||||
form_data = ImmutableMultiDict(
|
||||
{
|
||||
"environment_roles-0-environment_id": env.id,
|
||||
"environment_roles-0-role": "Basic Access",
|
||||
"environment_roles-0-role": "ADMIN",
|
||||
"environment_roles-0-environment_name": env.name,
|
||||
"environment_roles-1-environment_id": env_1.id,
|
||||
"environment_roles-1-role": NO_ACCESS,
|
||||
|
@ -213,7 +213,7 @@ def test_applications_access_environment_access(get_url_assert_status):
|
||||
"environments": [
|
||||
{
|
||||
"name": "thebar",
|
||||
"members": [{"user": dev, "role_name": "devops"}],
|
||||
"members": [{"user": dev, "role_name": "ADMIN"}],
|
||||
}
|
||||
],
|
||||
}
|
||||
|
@ -24,7 +24,7 @@ from tests.factories import (
|
||||
PortfolioFactory,
|
||||
ApplicationRoleFactory,
|
||||
)
|
||||
from atst.models import EnvironmentRole, ApplicationRoleStatus
|
||||
from atst.models import CSPRole, EnvironmentRole, ApplicationRoleStatus
|
||||
|
||||
|
||||
@pytest.fixture(autouse=True, scope="function")
|
||||
@ -293,7 +293,7 @@ def test_do_provision_user(csp, session):
|
||||
environment_role = EnvironmentRoleFactory.create(
|
||||
environment=provisioned_environment,
|
||||
status=EnvironmentRole.Status.PENDING,
|
||||
role="my_role",
|
||||
role="ADMIN",
|
||||
)
|
||||
|
||||
# When I call the user provisoning task
|
||||
@ -302,7 +302,7 @@ def test_do_provision_user(csp, session):
|
||||
session.refresh(environment_role)
|
||||
# I expect that the CSP create_or_update_user method will be called
|
||||
csp.create_or_update_user.assert_called_once_with(
|
||||
credentials, environment_role, "my_role"
|
||||
credentials, environment_role, CSPRole.ADMIN
|
||||
)
|
||||
# I expect that the EnvironmentRole now has a csp_user_id
|
||||
assert environment_role.csp_user_id
|
||||
|
Loading…
x
Reference in New Issue
Block a user